From rmeggins at redhat.com  Tue Apr 22 15:17:55 2008
From: rmeggins at redhat.com (Rich Megginson)
Date: Tue, 22 Apr 2008 09:17:55 -0600
Subject: [Fedora-directory-announce] Security vulnerability in
	fedora-ds-admin (April 22, 2008)
Message-ID: <480E01A3.201@redhat.com>

The fedora-ds-admin-1.1.0 package has a couple of security vulnerabilities:

    * CVE-2008-0892 Directory Server: shell command injection in CGI
      replication monitor -
      https://bugzilla.redhat.com/show_bug.cgi?id=437301
    * CVE-2008-0893 Directory Server: unrestricted access to CGI scripts
      - https://bugzilla.redhat.com/show_bug.cgi?id=437320

The new package is fedora-ds-admin-1.1.4-1 This package is available 
from the Fedora yum repository for F-7 and later, or from the dirsrv yum 
repo on Fedora 6 and EL5. See Install_Guide 
<http://directory.fedoraproject.org/wiki/Install_Guide> for information 
about how to use these yum repositories for your platform.

There are also updates to the adminutil (new version 1.1.6) and to some 
of the other packages. These updates are recommended.

*NOTE for Fedora 8 and later users:* all of the packages are now in the 
standard Fedora repos. Please remove your 
/etc/yum.repos.d/idmcommon.repo and /etc/yum.repos.d/dirsrv.repo files 
before you install or upgrade. See Install_Guide 
<http://directory.fedoraproject.org/wiki/Install_Guide> for more 
information.

*NOTE for Fedora 6, 7 and EL5 users:* You may get an error about a 
missing dependency fedora-admin-console when upgrading. If you get this 
error, remove the old fedora-ds package (yum erase fedora-ds) and 
upgrade again.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-announce/attachments/20080422/3255a622/attachment.bin>

From rmeggins at redhat.com  Thu Apr 24 21:23:44 2008
From: rmeggins at redhat.com (Rich Megginson)
Date: Thu, 24 Apr 2008 15:23:44 -0600
Subject: [Fedora-directory-announce] Announcing web apps package for Fedora
	DS 1.1 - fedora-ds-dsgw
Message-ID: <4810FA60.5090402@redhat.com>

The web applications have been moved into a separate package called 
fedora-ds-dsgw. This package contains the Phonebook, Org Chart, and DS 
Gateway applications. This package is now available as an add-on for the 
fedora-ds-admin package. The shell script /usr/sbin/setup-ds-dsgw is 
provided to configure the applications and enable them to be used from 
the Admin Server home page (as in 1.0 and earlier versions). See the 
DSGW_Install_Guide for more information.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-announce/attachments/20080424/237bb079/attachment.bin>